merge checkReadPermission/checkWritePermission

rest_server/src/controllers/item_controller.js

@@ -7,8 +7,8 @@ const yaml = require('js-yaml');
 const protocolValidator = require('../utils/protocol');
 const error = require('../models/error');
 
-async function checkReadPermission(userInfo, item, categories) {
-  if (userInfo.admin === true) {
+async function checkWritePermission(tokenInfo, item, categories) {
+  if (tokenInfo.admin === true) {
     return true;
   }
   if (categories === undefined) {
@@ -18,11 +18,18 @@ async function checkReadPermission(userInfo, item, categories) {
     !categories.some(
       category => category.name === ItemCategory.OFFICIAL_EXAMPLE,
     ) &&
-    userInfo.username === item.author
+    tokenInfo.username === item.author
   ) {
     return true;
   }
-  if (item.isPublic) {
+  return false;
+}
+
+async function checkReadPermission(userInfo, item, categories) {
+  if (
+    item.isPublic ||
+    (await checkWritePermission(userInfo, item, categories))
+  ) {
     return true;
   }
   if (!item.isPrivate && (userInfo.grouplist && item.groupList)) {
@@ -35,24 +42,6 @@ async function checkReadPermission(userInfo, item, categories) {
   return false;
 }
 
-async function checkWritePermission(tokenInfo, item, categories) {
-  if (tokenInfo.admin === true) {
-    return true;
-  }
-  if (categories === undefined) {
-    categories = await MarketplaceItem.getCategories(item);
-  }
-  if (
-    !categories.some(
-      category => category.name === ItemCategory.OFFICIAL_EXAMPLE,
-    ) &&
-    tokenInfo.username === item.author
-  ) {
-    return true;
-  }
-  return false;
-}
-
 const list = asyncHandler(async (req, res, next) => {
   try {
     const result = await MarketplaceItem.list(